qiurui
/
glibc
mirror of git://sourceware.org/git/glibc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
glibc/malloc
History
Siddhesh Poyarekar 744b63026a memalign: reinstate alignment overflow check (CVE-2026-0861) 
The change to cap valid sizes to PTRDIFF_MAX inadvertently dropped the
overflow check for alignment in memalign functions, _mid_memalign and
_int_memalign.  Reinstate the overflow check in _int_memalign, aligned
with the PTRDIFF_MAX change since that is directly responsible for the
CVE.  The missing _mid_memalign check is not relevant (and does not have
a security impact) and may need a different approach to fully resolve,
so it has been omitted.

CVE-Id: CVE-2026-0861
Vulnerable-Commit: 9bf8e29ca1
Reported-by: Igor Morgenstern, Aisle Research
Fixes: BZ #33796
Reviewed-by: Wilco Dijkstra <Wilco.Dijkstra@arm.com>
Signed-off-by: Siddhesh Poyarekar <siddhesh@gotplt.org>
(cherry picked from commit c9188d3337)
 		2026-01-15 22:39:02 -05:00
..
Depend
Makefile
Versions
alloc_buffer_alloc_array.c
alloc_buffer_allocate.c
alloc_buffer_copy_bytes.c
alloc_buffer_copy_string.c
alloc_buffer_create_failure.c
arena.c
dynarray-skeleton.c
dynarray.h
dynarray_at_failure.c
dynarray_emplace_enlarge.c
dynarray_finalize.c
dynarray_resize.c
dynarray_resize_clear.c
hooks.c
malloc-check.c
malloc-debug.c
malloc-internal.h
malloc.c memalign: reinstate alignment overflow check (CVE-2026-0861) 2026-01-15 22:39:02 -05:00
malloc.h
mallocbug.c
mcheck-impl.c
mcheck-init.c
mcheck.c
mcheck.h
memusage.c
memusage.sh
memusagestat.c
morecore.c
mtrace-impl.c
mtrace.c
mtrace.pl
obstack.c
obstack.h
reallocarray.c
scratch_buffer_grow.c
scratch_buffer_grow_preserve.c
scratch_buffer_set_array_size.c
set-freeres.c
thread-freeres.c
tst-aligned-alloc-static.c
tst-aligned-alloc.c
tst-alloc_buffer.c
tst-calloc.c
tst-compathooks-off.c
tst-compathooks-on.c
tst-dynarray-at-fail.c
tst-dynarray-fail.c
tst-dynarray-shared.h
tst-dynarray.c
tst-free-errno.c
tst-interpose-aux-nothread.c
tst-interpose-aux-thread.c
tst-interpose-aux.c
tst-interpose-aux.h
tst-interpose-nothread.c
tst-interpose-skeleton.c
tst-interpose-static-nothread.c
tst-interpose-static-thread.c
tst-interpose-thread.c
tst-mallinfo2.c
tst-malloc-aux.h
tst-malloc-backtrace.c
tst-malloc-check.c
tst-malloc-fork-deadlock.c
tst-malloc-stats-cancellation.c
tst-malloc-tcache-leak.c
tst-malloc-thread-exit.c
tst-malloc-thread-fail.c
tst-malloc-too-large.c memalign: reinstate alignment overflow check (CVE-2026-0861) 2026-01-15 22:39:02 -05:00
tst-malloc-usable-tunables.c
tst-malloc-usable.c
tst-malloc.c
tst-malloc_info.c
tst-mallocalign1.c
tst-mallocfork.c
tst-mallocfork2.c
tst-mallocfork3.c
tst-mallocstate.c
tst-mallopt.c
tst-memalign-2.c
tst-memalign-3.c
tst-memalign.c
tst-mtrace.c
tst-mtrace.sh
tst-mxfast.c
tst-obstack.c
tst-posix_memalign.c
tst-pvalloc-fortify.c
tst-pvalloc.c
tst-realloc.c
tst-reallocarray.c
tst-safe-linking.c
tst-scratch_buffer.c
tst-tcfree1.c
tst-tcfree2.c
tst-tcfree3.c
tst-trim1.c
tst-valloc.c